| Version | Supported |
|---|---|
| 2.x | Yes |
| 1.x | No — please upgrade to 2.x |
Only the latest 2.x release receives security fixes. If you are on 1.x, please migrate to 2.x before reporting a vulnerability.
Please do not report security vulnerabilities through public GitHub issues.
To report a security vulnerability, send an email to security@topsort.com with:
- A description of the vulnerability
- Steps to reproduce or a proof-of-concept
- The affected version(s)
- Any suggested mitigations
We will acknowledge your report within 3 business days and aim to release a fix within 30 days for critical issues. We will credit reporters in the release notes unless you request otherwise.